I have a box on DSL, that is behind a NAT, mail server has a private ip address, I'm forwarding all the required ports

I have a example.com and a DNS entry of mail.example.com that points to a real IP address (made up to protect the innocent) that is the public dsl address.

my /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail. localhost.localdomain localhost mail.example.com mail

First ? should that entry be nat's private address as it is, or should it be the public ip of my DSL.

Ok so here is my first problem.

I can "telnet localhost 25" and conect to the mail server, but when I "telnet 25" I get connection refused. I have iptables off for testing. And I can get web part of zimbra so I can connect to to connect to other services just fine.

So what have I done wrong.

FYI, this is only temorary till I move the box to the datacenter. But I'd like to get it working and test zimbra before I move it.